A spatio-temporal entropy-based approach for the analysis of cyber attacks

Mérien, Thibaud and Bellekens, Xavier and Brosset, David and Claramunt, Christophe; Xiong, Li and Tamassia, Roberto and Banaei, Kashani Farnoush and Guting, Ralf Hartmut and Hoel, Erik, eds. (2018) A spatio-temporal entropy-based approach for the analysis of cyber attacks. In: 26th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems, ACM SIGSPATIAL GIS 2018. Association for Computing Machinery, USA, pp. 564-567. ISBN 9781450358897 (https://doi.org/10.1145/3274895.3274921)

Preview

Text. Filename: Merien_etal_SIGSPATIAL2018_A_spatio_temporal_entropy_based_approach_for_the_analysis_of_cyber_attacks.pdf Accepted Author Manuscript Download (3MB)| Preview

Abstract

Computer networks are ubiquitous systems growing exponentially with a predicted 50 billion devices connected by 2050. This dramatically increases the potential attack surface of Internet networks. A key issue in cyber defense is to detect, categorize and identify these attacks, the way they are propagated and their potential impacts on the systems affected. The research presented in this paper models cyber attacks at large by considering the Internet as a complex system in which attacks are propagated over a network. We model an attack as a path from a source to a target, and where each attack is categorized according to its intention. We setup an experimental testbed with the concept of honeypot that evaluates the spatio-temporal distribution of these Internet attacks. The preliminary results show a series of patterns in space and time that illustrate the potential of the approach, and how cyber attacks can be categorized according to the concept and measure of entropy.

ORCID iDs

Bellekens, Xavier ORCID: https://orcid.org/0000-0003-1849-5788

• Share and Export
  

  RDF+XMLBibTeXRIOXX2 XMLRDF+N-TriplesJSONDublin CoreAtomSimple MetadataReferMETSHTML CitationASCII CitationOpenURL ContextObjectEndNoteOpenURL ContextObject in SpanMODSMPEG-21 DIDLEP3 XMLData Cite XMLRIS (EndNote Online, Zotero, Ref manager, etc)RDF+N3Multiline CSV
• Item metadata

  Item type:	Book Section
  ID code:	70910
  Dates:	Date Event 6 November 2018 Published 23 August 2018 Accepted
  Notes:	© ACM 2018. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in SIGSPATIAL '18, https://doi.org/10.1145/3274895.3274921
  Subjects:	Science > Mathematics > Electronic computers. Computer science
  Department:	Faculty of Engineering > Electronic and Electrical Engineering
  Depositing user:	Pure Administrator
  Date deposited:	16 Dec 2019 15:02
  Last modified:	11 Nov 2024 15:19
  Related URLs:	Scopus publication Event
  URI:	https://strathprints.strath.ac.uk/id/eprint/70910